package com.xht.utils;

import com.xht.security.oauth2.server.authorization.authentication.OAuth2PassWordAuthenticationConverter;
import com.xht.security.oauth2.server.authorization.authentication.OAuth2PassWordAuthenticationProvider;
import com.xht.security.oauth2.server.authorization.token.XhtOAuth2AccessTokenGenerator;
import com.xht.security.oauth2.server.authorization.token.XhtOAuth2TokenCustomizer;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.core.OAuth2Token;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.token.DelegatingOAuth2TokenGenerator;
import org.springframework.security.oauth2.server.authorization.token.OAuth2RefreshTokenGenerator;
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
import org.springframework.security.oauth2.server.authorization.web.authentication.DelegatingAuthenticationConverter;
import org.springframework.security.web.authentication.AuthenticationConverter;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * <h1>描述 ：</h1>
 *
 * @author : 小糊涂
 * @version : 1.0
 **/
public final class Oauth2ConfigUtils {

    /**
     * 添加自定义的 Providers
     *
     * @param http HttpSecurity
     */
    public static void addCustomDefaultProviders(HttpSecurity http) {
        AuthenticationManager authenticationManager = http.getSharedObject(AuthenticationManager.class);
        OAuth2AuthorizationService authorizationService = http.getSharedObject(OAuth2AuthorizationService.class);
        OAuth2PassWordAuthenticationProvider oAuth2PassWordAuthenticationProvider = new OAuth2PassWordAuthenticationProvider(authorizationService, oAuth2TokenGenerator(), authenticationManager);
        http.authenticationProvider(oAuth2PassWordAuthenticationProvider);
    }


    /**
     * 令牌生成规则实现 </br>
     * client:username:uuid
     *
     * @return OAuth2TokenGenerator
     */
    public static OAuth2TokenGenerator<? extends OAuth2Token> oAuth2TokenGenerator() {
        XhtOAuth2AccessTokenGenerator accessTokenGenerator = new XhtOAuth2AccessTokenGenerator();
        accessTokenGenerator.setAccessTokenCustomizer(new XhtOAuth2TokenCustomizer());
        // 注入Token 增加关联用户信息
        OAuth2RefreshTokenGenerator refreshTokenGenerator = new OAuth2RefreshTokenGenerator();
        return new DelegatingOAuth2TokenGenerator(accessTokenGenerator, refreshTokenGenerator);
    }

    /**
     * 处理 AuthenticationConverter
     *
     * @return AuthenticationConverter
     */
    public static AuthenticationConverter accessTokenRequestConverters() {
        List<AuthenticationConverter> converterList = new ArrayList<>();
        OAuth2PassWordAuthenticationConverter oAuth2PassWordAuthenticationConverter = new OAuth2PassWordAuthenticationConverter();
        converterList.add(oAuth2PassWordAuthenticationConverter);
        return new DelegatingAuthenticationConverter(converterList);
    }

    /**
     * @param authorization OAuth2Authorization
     * @return Map<String, Object>
     */
    public static Map<String, Object> getClaims(OAuth2Authorization authorization) {
        Map<String, Object> result = new HashMap<>();
        Map<String, Object> map = authorization.getAccessToken().getClaims();
        if (null == map || map.isEmpty()) {
            map = new HashMap<>();
        }
        result.put("code", map.get("code"));
        return result;
    }


}
